From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <kvm-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id D392BC05027
	for <kvm@archiver.kernel.org>; Tue, 14 Mar 2023 18:10:41 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229690AbjCNSKl (ORCPT <rfc822;kvm@archiver.kernel.org>);
        Tue, 14 Mar 2023 14:10:41 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59080 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229464AbjCNSKj (ORCPT <rfc822;kvm@vger.kernel.org>);
        Tue, 14 Mar 2023 14:10:39 -0400
Received: from out-51.mta1.migadu.com (out-51.mta1.migadu.com [IPv6:2001:41d0:203:375::33])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 225C619C7B
        for <kvm@vger.kernel.org>; Tue, 14 Mar 2023 11:10:34 -0700 (PDT)
X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers.
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1;
        t=1678817432;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=z/e8hGKQr30b5ZvdSDvuiuWs97jzQhjwuRhF+vuhvk8=;
        b=To69XkfxqTbOxl5n49kjumMJ7t3j0izNLm88VXspv8c8B1+4S6tHPjESl9RFvOvz5Jh7DF
        lkTAuaGZs3L9wVaF4ymnTYNduKWZbOGf4ywCvG2CXyclM04KVH2tsFAlgx56LqPoYUMb4+
        OJMdIAmSGztCai6SQVzNcJxb7j0U+ik=
From:   Oliver Upton <oliver.upton@linux.dev>
To:     Marc Zyngier <maz@kernel.org>, David Matlack <dmatlack@google.com>
Cc:     Oliver Upton <oliver.upton@linux.dev>,
        linux-arm-kernel@lists.infradead.org, kvm@vger.kernel.org,
        Suzuki K Poulose <suzuki.poulose@arm.com>,
        Marcelo Tosatti <mtosatti@redhat.com>,
        James Morse <james.morse@arm.com>,
        Zenghui Yu <yuzenghui@huawei.com>,
        Sean Christopherson <seanjc@google.com>,
        stable@vger.kernel.org,
        Christoffer Dall <c.dall@virtualopensystems.com>,
        kvmarm@lists.linux.dev, Will Deacon <will@kernel.org>
Subject: Re: [PATCH] KVM: arm64: Retry fault if vma_lookup() results become invalid
Date:   Tue, 14 Mar 2023 18:10:18 +0000
Message-Id: <167881740956.623301.15796552782250010868.b4-ty@linux.dev>
In-Reply-To: <20230313235454.2964067-1-dmatlack@google.com>
References: <20230313235454.2964067-1-dmatlack@google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
X-Migadu-Flow: FLOW_OUT
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org

On Mon, 13 Mar 2023 16:54:54 -0700, David Matlack wrote:
> Read mmu_invalidate_seq before dropping the mmap_lock so that KVM can
> detect if the results of vma_lookup() (e.g. vma_shift) become stale
> before it acquires kvm->mmu_lock. This fixes a theoretical bug where a
> VMA could be changed by userspace after vma_lookup() and before KVM
> reads the mmu_invalidate_seq, causing KVM to install page table entries
> based on a (possibly) no-longer-valid vma_shift.
> 
> [...]

Applied to kvmarm/fixes, thanks!

[1/1] KVM: arm64: Retry fault if vma_lookup() results become invalid
      https://git.kernel.org/kvmarm/kvmarm/c/13ec9308a857

--
Best,
Oliver